Analysis of power outage in Venezuela
In this paper, the power outage in Venezuela is selected for analysis, and its potential causes are analyzed in depth.
Event review
According to Xinhua News Agency, starting at 5:00 PM on March 7, 2019 (local time), most parts of Venezuela, including the capital Caracas, had a power outage for more than 24 hours. In 23 states of Venezuela, more than 18 states had a total power outage, which led to the Caracas subway being unable to run, causing large-scale traffic congestion. Schools, hospitals, factories, airports, etc., have been severely affected, and water supply and communication networks in most areas have been affected.
In the early morning of the 8th, some parts of Caracas began to restore power supply, and then the power supply in other areas was gradually restored, but at noon on the 9th and again on the 10th, causing great panic. The prolonged and widespread power failure has caused serious damage to Venezuela, and the power outage is the longest and most widespread in Venezuela since 2012.
Threat possibility analysis
For this large-scale power failure, the industry has a variety of different analysis points of view, there is no unified conclusion, this paper will from eight aspects (see Figure 3) one by one analysis of the potential safety hazards that may cause this large-scale power failure.
1, the field control layer threat
The control system of the Guri hydropower Station in Venezuela is a distributed control system (DCS) designed by ABB for the power plant. ABB is one of the world’s top 500 leading manufacturers in the field of power and automation technology, but ABB systems have been exposed to many high-risk vulnerabilities. For example, (CNVD-2016-10592) ABB RobotWare remote code execution vulnerability, (CNVD-2014-08129) Multiple ABB product local code execution vulnerabilities.
By analyzing and using publicly released vulnerabilities, attackers can write malicious code to make viruses and carry out malicious attacks against ABB control systems. Because the control equipment used in the Guri hydropower station in Venezuela is relatively old, if the relevant security patches or other effective preventive measures are not upgraded in time, there may be more vulnerabilities in the system that are exploited by attackers, resulting in large-scale power outages.
2. Threats at the process monitoring layer
SCADA system (Supervisory Control and Data Acquisition) is a data acquisition and monitoring control system in the architecture of industrial control systems. In the power system, SCADA system is widely used, according to news reports, Venezuela’s Guri hydropower station is currently using SCADA system to monitor and control on-site operating equipment.
At present, SCADA has been exposed to many high-risk vulnerabilities of SCADA system (see Figure 4 for details), involving software, hardware, firmware and other aspects of the industrial control system architecture. Considering that upgrading or changing the industrial control system takes a long time to prepare and test, requires high personnel capability, and has an impact on continuous production, enterprises currently adopt a conservative attitude towards vulnerability repair, resulting in these problems hidden in the SCADA system, which may cause unpredictable impacts and losses once used by attackers.